Rescue mode is a special operating state provided by Linux VPS (Virtual Private Server). Simply put, it's a "temporary miniature operating system that doesn't rely on the main system disk."
In the normal boot process, the VPS loads a bootloader (GRUB) from the main hard drive and boots the installed operating system (such as CentOS, Ubuntu, or Debian). When the main system's boot files are corrupted, the kernel crashes, the firewall mistakenly blocks ports, or the root password is forgotten, the VPS will fail to boot or log in normally.
At this time, rescue mode provides a bypass environment:
Runtime environment: The system runs in memory, using a temporary read-only image provided by the cloud service provider, and does not read any operating system files from the main hard drive.
Operation permissions: Root privileges are automatically granted, and the original system password is not required.
Core functionality: Allows users to mount, inspect, and modify the main hard drive as a regular external data disk.
Core principle of rescue mode (technical overview):
From a technical perspective, the underlying virtualization platform of the VPS (such as KVM or Xen) modifies the boot order of the virtual machines during startup.
Normal Process:
`BIOS/UEFI → Main Disk MBR/GPT → GRUB Bootloader → Linux Kernel → System Initialization`
Rescue Mode Process:
`BIOS/UEFI → ISO/Kernel Image provided by the virtualization platform (loaded via network) → Mini-system in memory (Alpine Linux or BusyBox)`
Because this process bypasses the main disk's boot sector, rescue mode can still boot successfully even if the main disk's `/boot` partition is completely corrupted or `/etc/fstab` is misconfigured causing infinite reboots.
When is rescue mode needed?
| Scenario Classification | Specific Fault Manifestations | Rescue Mode Solutions |
| Login Credentials Lost | Forgot root password, lost SSH key. | After mounting the system disk, execute `chroot` to reset the password or import a new public key. |
| Boot Configuration Corruption: | Kernel upgrade failure and missing GRUB configuration files caused a system `Kernel Panic`. | After mounting the partition, regenerate `initramfs` or repair GRUB. |
| Network Configuration Error: | Modification of `/etc/network/interfaces` or firewall rules causing network outage. | After mounting, comment out the incorrect configuration line and disable the firewall from starting automatically. |
| File System Corruption | Abnormal power outage causing `UNEXPECTED INCONSISTENCY`, requiring manual `fsck`. | After unmounting the disk, execute `fsck` to repair the superblock. |
| Disk Space Full: | `/` partition 100% causing SSH to fail to create session files. | After mounting, clean up `/var/log` or large files. |
How to Enter Rescue Mode?
The operation interface varies slightly between different cloud service providers, but the core logic is the same. The following example uses a mainstream KVM virtualization architecture (applicable to most international and domestic cloud providers).
Log in to your cloud service provider's console, locate the target VPS instance, and click "Manage" to enter the "Emergency Rescue" or "Rescue" tab. Enable the rescue system by clicking "Enable Rescue Mode" or "Reboot from Rescue System." The system will prompt for a temporary root password or a VNC console entry. Some providers will directly provide a rescue SSH connection command. Perform a hardware reboot (Hard Reboot) by clicking the reboot button (Note: Soft reboot `reboot` is ineffective when the system is frozen; you must use the console's forced reboot/power restart).
Wait approximately 1-2 minutes, then connect via VNC or the provided temporary IP/port using SSH.
Practical Operation in Rescue Mode (Code Practice)
After successfully entering rescue mode, you will see a command-line prompt similar to `root@rescue:~#`.
To view the disk structure, you first need to identify which disk was originally the system disk.
# List all block devices
lsblk
# Or use fdisk to view partition details
fdisk -lTypical output example:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 252:0 0 40G 0 disk
├─vda1 252:1 0 1G 0 part
└─vda2 252:2 0 39G 0 partUsually, `vda` or `sda` is the system disk (without the numeric suffix), `vda1` is `/boot`, and `vda2` is the root partition `/`.
Mounting the system root partition
The root partition of the main system needs to be mounted to the directory of the rescue system, for example, `/mnt`.
# Assuming the root partition is /dev/vda2
mount /dev/vda2 /mnt
# If there is a separate boot partition, it also needs to be mounted.
mount /dev/vda1 /mnt/boot
# Mount the necessary system directories (proc, sys, dev) for subsequent chroot operations.
mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
mount -o bind /dev /mnt/devScenario 1: Forgot the root password — Reset the password
Use `chroot` to switch to the original system environment and change the password.
# Switch root directory to the original system
chroot /mnt /bin/bash
# Change root password
passwd root
# (Optional) If the system uses SELinux, it is recommended to execute this after changing the password
touch /.autorelabel
# Exit chroot environment
exitScenario 2: File system corruption — Disk repair
If you encounter the error `wrong fs type, bad option, bad superblock` when mounting, it means the file system is corrupted. Force mounting is strictly prohibited; repair must be performed first.
# First confirm the partition type, usually ext4 or xfs
blkid /dev/vda2
# If it is an ext4 file system, perform repair
fsck.ext4 -y /dev/vda2
# If it is an xfs file system, perform repair
xfs_repair /dev/vda2Note: Repair operations are risky. If the data is extremely important, it is recommended to create a snapshot backup in the console before performing the operation.
Scenario 3: Firewall Error Prevents SSH Access
# Directly Modify the Original System Configuration File
# For example, disable firewalld auto-start in CentOS/RHEL
chroot /mnt systemctl disable firewalld
# Or, in Ubuntu, clear the iptables rules and save the file
echo "" > /mnt/etc/iptables/rules.v4
Exit Rescue Mode and Restore Normal StartupAfter repair, do not directly type `reboot` in SSH, as this will restart and enter rescue mode again.
Correct Procedure: Return to the cloud service provider's console. In the "Rescue Mode" or "Boot Settings" options, select "Boot from Hard Disk" or "Disable Rescue Mode". Click "Restart" instance. After a short wait, try SSH login using a normal IP address and port.
Rescue mode is the last line of defense for VPS operations. It gives administrators the ability to access data and repair the bootloader even when the system has completely crashed.
- Definition: A temporary memory system that does not rely on the main disk. - Principle: Bypasses the Master Boot Record and loads a temporary image from the virtualization layer.
- Applications: Password recovery, file system repair, and rollback of misconfigurations.
- Ironclad Rule: Create a snapshot backup before performing any operation!
Mastering the use of rescue mode will help you calmly handle system crashes and configuration errors, significantly shortening recovery time (RTO).
